27 matches found
NTPsec < 1.1.0 DoS Vulnerability
NTPsec is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ntpsec:ntpsec";...
Linux Distros Unpatched Vulnerability : CVE-2018-7182
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ctlgetitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service out-of-bounds read via a crafted mode 6 packet...
RHEL 8 : ntp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ntp: decodearr can write beyond its buffer limit CVE-2018-7183 - ntpd in ntp 4.2.x before 4.2.8p7 and 4.3...
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in NTP
Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerabilities in NTP. Vulnerability Details CVEID: CVE-2018-7185 DESCRIPTION: NTP is vulnerable to a denial of service. By sending specially crafted packets, a remote authenticated attacker could exploit this...
USN-4563-2 ntp vulnerability
USN-4563-1 fixed a vulnerability in NTP. This update provides the corresponding update for Ubuntu 20.04 LTS and Ubuntu 20.10. Original advisory details: It was discovered that the fix for CVE-2018-7182 introduced a NULL pointer dereference into NTP. An attacker could use this vulnerability to cau...
SUSE: Security Advisory (SUSE-SU-2018:0956-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 18.04 LTS : NTP vulnerability (USN-4563-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4563-1 advisory. It was discovered that the fix for CVE-2018-7182 introduced a NULL pointer dereference into NTP. An attacker could use this vulnerability to cause a denial of...
Symantec Content Analysis < 2.3.5.1 affected by Multiple Vulnerabilities (SYMSA1451)
The version of Symantec Content Analysis running on the remote host is prior to version 2.3.5.1. It is, therefore, affected by multiple vulnerabilities: - Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by...
CVE-2019-8936
NTP through 4.2.8p12 has a NULL Pointer Dereference...
ntpd 4.2.8p10 - Out-of-Bounds Read (PoC)
Exploit Title: ntpd 4.2.8p10 - Out-of-Bounds Read PoC Bug Discovery: Yihan Lian, a security researcher of Qihoo 360 GearTeam Exploit Author: Magnus Klaaborg Stubman @magnusstubman Website: https://dumpco.re/blog/cve-2018-7182 Vendor Homepage: http://www.ntp.org/ Software Link:...
ntpd 4.2.8p10 - Out-of-Bounds Read Exploit
Exploit for linux platform in category local exploits Exploit Title: ntpd 4.2.8p10 - Out-of-Bounds Read PoC Bug Discovery: Yihan Lian, a security researcher of Qihoo 360 GearTeam Exploit Author: Magnus Klaaborg Stubman @magnusstubman Website: https://dumpco.re/blog/cve-2018-7182 Vendor Homepage:...
SUSE SLES12 Security Update : ntp (SUSE-SU-2018:1765-2)
This update for ntp fixes the following issues : Update to 4.2.8p11 bsc1082210 : - CVE-2016-1549: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. - CVE-2018-7182: ctlgetitem: buffer read overru...
Vulnerabilities in NTP affect AIX,Vulnerabilities in NTP affect VIOS
IBM SECURITY ADVISORY First Issued: Tue Aug 14 14:48:57 CDT 2018 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/ntpadvisory10.asc https://aix.software.ibm.com/aix/efixes/security/ntpadvisory10.asc...
USN-3707-1: NTP vulnerabilities
Yihan Lian discovered that NTP incorrectly handled certain malformed mode 6 packets. A remote attacker could possibly use this issue to cause ntpd to crash, resulting in a denial of service. This issue only affected Ubuntu 17.10 and Ubuntu 18.04 LTS. CVE-2018-7182 Michael Macnair discovered that...
SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2018:1765-1)
This update for ntp fixes the following issues : - Update to 4.2.8p11 bsc1082210 : - CVE-2016-1549: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. - CVE-2018-7182: ctlgetitem: buffer read...
SUSE SLES12 Security Update : ntp (SUSE-SU-2018:1464-1)
This update for ntp fixes the following issues : - Update to 4.2.8p11 bsc1082210 : - CVE-2016-1549: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. - CVE-2018-7182: ctlgetitem: buffer read...
GLSA-201805-12 : NTP: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201805-12 NTP: Multiple vulnerabilities Multiple vulnerabilities have been discovered in NTP. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code or caus...
Medium: ntp
Issue Overview: The monlist feature in ntprequest.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service traffic amplification via forged 1 REQMONGETLIST or 2 REQMONGETLIST1 requests, as exploited in the wild in December 2013. CVE-2013-5211 A malicious authenticated...
openSUSE Security Update : ntp (openSUSE-2018-376)
This update for ntp fixes the following issues : - Update to 4.2.8p11 bsc1082210 : - CVE-2016-1549: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. - CVE-2018-7182: ctlgetitem: buffer read...
SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2018:0956-1)
This update for ntp fixes the following issues : - Update to 4.2.8p11 bsc1082210 : - CVE-2016-1549: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. - CVE-2018-7182: ctlgetitem: buffer read...